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DETAILED ACTION 

Continued Examination Under 37 CFR 1.114 

1. A request for continued examination under 37 CFR 1.114, including the 
fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since 
this application is eligible for continued examination under 37 CFR 1.114, and the fee 
set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office 
action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 
April 30, 2008 has been entered. 

2. Applicant's response filed on April 30, 2008 has been carefully 
considered. Claims 1, 7, 9, 15, and 20 have been amended. Claims 1, 3-9, 11-15, 
17-20 and 22 are pending. 

Claim Rejections - 35 USC §103 

3. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for 
all obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as 
set forth in section 102 of this title, if the differences between the subject matter sought to be 
patented and the prior art are such that the subject matter as a whole would have been obvious 
at the time the invention was made to a person having ordinary skill in the art to which said 
subject matter pertains. Patentability shall not be negatived by the manner in which the invention 
was made. 

4. Claims 1, 3-9, 11-15, 17-20 and 22 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Chen et al. (U.S. Patent No. 7,069,439 B1), hereinafter "Chen", 
in view of Nakayama et al. (U.S. Pub. No. 2004/0147251 A1), hereafter "Nakayama". 
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Referring to claims 1,7, 15, 20 : 

i. Chen teaches: 

A method, comprising: 

dynamically generating a first set of integrity information for a first 
processing system by generating said first set of integrity information for an application 
using a cryptographic algorithm (see figure 5, elements 530 'generate digest', 570 
'compare metrics'; column 4, line 59-column 5, line 2; column 8, lines 4-16; and column 
11, lines 5-16 of Chen); 

sending said first set of integrity information to a second processing 
system (see figure 5, elements 535 'sign & return digest' of Chen); and 

generating an attestation value for said first processing system by 
said second processing system using said first set of integrity information and a 
dynamic attestation module connected to said second processing system prior to 
execution of said application by said first processing system (see column 1 1 , lines 5-16, 
'.. . compares the computed integrity metrics , which it extracts from the challenge 
response, with the proper platform integrity metric , which it extracts from the certificate.'; 
and figure 5, element 590 'establish secure communication', of Chen, emphasis added). 

Chen discloses dynamic authentication of the platform and 
application (see column 8, lines 4-16, particularly "Other know processes, for example 
virus checkers, will typically be in place to check that the operating system and 
application program code has not been subverted ", of Chen, emphasis added). 
However, Chen does not specifically mention selecting an application from a plurality of 
applications. 

ii. Nakayama teaches a portable terminal wherein Nakayama 
discloses selecting an application from a plurality of applications (see figure 5, element 
222 'service identifier area' [i.e., a plurality of applications]; page 7, paragraph [0102], 
lines 9-12 "The service identifier area 222 stores identifiers of services (e.g., "0001", 
"0002", "0003",...) for which the corresponding value entities in the value entity area 221 
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are used"; and paragraph [0098], lines 7-9 "or pull-type transmission in which the store 
server 30 transmits the application in response to an active transmission request from 
the portable terminal 20", of Nakayama). 

iii. It would have been obvious to a person of ordinary skill in the art at 
the time the invention was made to combine the teaching of Nakayama into the method 
of Chen to select an application from a plurality of applications for authentication. 

iv. The ordinary skilled person would have been motivated to have 
applied the teaching of Nakayama into the system of Chen to select an application from 
a plurality of applications for authentication, because Chen teaches dynamic 
authentication of platform and applications (see column 8, lines 4-16 of Chen), and 
Nakayama teaches selection an application from a plurality of applications (see ii 
above). Therefore, Nakayama's teaching could enhance Chen's system by providing 
more flexibility. 

Referring to claims 3. 22 : 

Chen and Nakayama teach the claimed subject matter: a method for 
performing dynamic attestation (see claim 1 above). Chen further discloses 

retrieving a second set of integrity information for said first processing 
system (see column 1 1 , lines 5-16, '.. . compares the computed integrity metrics , which it 
extracts from the challenge response, with the proper platform integrity metric , which it 
extracts from the certificate.', of Chen, emphasis added); 

comparing said first set of integrity information with said second set of 
integrity information (see column 11, lines 5-16 of Chen); and 

generating said attestation value in accordance with said comparison (see 
column 1 1 , lines 5-1 6 of Chen). 
Referring to claim 4 : 

Chen and Nakayama teach the claimed subject matter: a method for 
performing dynamic attestation (see claim 1 above). Chen further discloses the 
encryption key (see column 4, lines 56-58 of Chen). 
Referring to claims 5. 19 : 
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Chen and Nakayama teach the claimed subject matter: a method for 
performing dynamic attestation (see claim 1 above). Chen further discloses the 
authentication (see column 7, lines 21-26 of Chen). 
Referring to claim 6 : 

Chen and Nakayama teach the claimed subject matter: a method for 
performing dynamic attestation (see claim 1 above). Chen further discloses the 
decryption (see column 7, lines 21-26 of Chen). 
Referring to claim 8 : 

Chen and Nakayama teach the claimed subject matter: a method for 
performing dynamic attestation (see claim 7 above). Chen further discloses the first and 
the second process (see figure 5, 'trusted device', 'user' [i.e., smart card] of Chen). 
Referring to claim 17 : 

Chen and Nakayama teach the claimed subject matter: a method for 
performing dynamic attestation (see claim 15 above). Chen further discloses retrieving 
a second set of integrity information (see column 11, lines 5-16 '...with the proper 
platform integrity metric, which is extracts from the certificate.', of Chen). 
Referring to claim 18 : 

Chen and Nakayama teach the claimed subject matter: a method for 
performing dynamic attestation (see claim 15 above). Chen further discloses comparing 
the first set of integrity metric with the second set of integrity metric (see column 1 1 , 
lines 5-16 'compares', of Chen). 
Referring to claim 9 : 

i. Chen teaches: 

A method, comprising: 

a first processing comprising a plurality of applications (see figure 
5, elements 530, 535, 540; column 4, line 59-column 5, line 2; and column 1 1 , lines 5- 
16 of Chen); 

a second processing system to connect said first processing 
system (see figure 5, element 'user' [i.e., smart card] of Chen); and 

a dynamic attestation module to connect to said first and second 
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processing systems, said second processing system to perform dynamic attestation for 
one of said applications to be executed by said first processing system using said 
dynamic attestation module, wherein said dynamic attestation module comprises an 
integrity module to dynamically generate a first set of integrity information for said 
application by generating said first set of integrity information for said application using a 
cryptographic algorithm system prior to execution of said application by said first 
processing system (see column 11, lines 5-16, '.. . compares the computed integrity 
metrics , which it extracts from the challenge response, with the proper platform integrity 
metric , which it extracts from the certificate.'; and figure 5, element 590 'establish 
secure communication', of Chen, emphasis added). 

However, Chen does not specifically mention the antenna and the 

transceiver. 

Chen discloses dynamic authentication of the platform and 
application (see column 8, lines 4-16, particularly "Other know processes, for example 
virus checkers, will typically be in place to check that the operating system and 
application program code has not been subverted ". of Chen, emphasis added). 
However, Chen does not specifically mention selecting an application from a plurality of 
applications. 

ii. Nakayama teaches a portable terminal wherein Nakayama 
discloses the antenna and the transceiver for communicating with other servers (see 
figure 3, element 'A' [i.e., antenna]; and figure 11, elements 23 'application receiver', 
element 27 'value entity transmitter', of Nakayama). 

Nakayama further discloses selecting an application from a plurality 
of applications (see figure 5, element 222 'service identifier area' [i.e., a plurality of 
applications]; page 7, paragraph [0102], lines 9-12 "The service identifier area 222 
stores identifiers of services (e.g., "0001", "0002", "0003",...) for which the 
corresponding value entities in the value entity area 221 are used"; and paragraph 
[0098], lines 7-9 "or pull-type transmission in which the store server 30 transmits the 
application in response to an active transmission request from the portable terminal 20", 
of Nakayama). 
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iii. It would have been obvious to a person of ordinary skill in the art at 
the time the invention was made to combine the teaching of Nakayama into the method 
of Chen to use an antenna and a transceiver for communicating with other servers. 

It would have been obvious to a person of ordinary skill in the art at 
the time the invention was made to combine the teaching of Nakayama into the method 
of Chen to select an application from a plurality of applications for authentication. 

iv. The ordinary skilled person would have been motivated to have 
applied the teaching of Nakayama into the system of Chen to use an antenna and a 
transceiver, because Chen teaches a method for performing dynamic attestation via 
integrity metric (see claim 1 above), and Nakayama teaches utilizing integrity 
measurement in a portable terminal (see e.g. figure 11, element 20 'integrity 
measurement part' of Nakayama). Therefore, Nakayama's teaching could enhance 
Chen's teaching by expanding Chen's method for performing dynamic attestation into a 
portable device. 

The ordinary skilled person would have been motivated to have 
applied the teaching of Nakayama into the system of Chen to select an application from 
a plurality of applications for authentication, because Chen teaches dynamic 
authentication of platform and applications (see column 8, lines 4-16 of Chen), and 
Nakayama teaches selection an application from a plurality of applications (see ii). 
Therefore, Nakayama's teaching could enhance Chen's system by providing flexibility. 

Referring to claims 1 1 : 

Chen and Nakayama teach the claimed subject matter: a method for 
performing dynamic attestation (see claim 9 above). They further disclose retrieving a 
second set of integrity information (see column 1 1 , lines 5-16 '...with the proper platform 
integrity metric, which is extracts from the certificate.', of Chen). 

Referring to claims 12 : 

Chen and Nakayama teach the claimed subject matter: a method for 
performing dynamic attestation (see claim 9 above). They further disclose comparing 
the first set of integrity metric with the second set of integrity metric (see column 1 1 , 
lines 5-16 'compares', of Chen). 
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Referring to claims 13 : 

Chen and Nakayama teach the claimed subject matter: a method for 
performing dynamic attestation (see claim 9 above). They further disclose the 
authentication (see column 7, lines 21-26 of Chen). 
Referring to claims 14 : 

Chen and Nakayama teach the claimed subject matter: a method for 
performing dynamic attestation (see claim 9 above). They further disclose disabling 
access (see column 11, lines 5-16 '...the whole process ends in step 580 with no further 
communications taking place', of Chen). 

Response to Arguments 

5. Applicant's arguments filed on April 30, 2008 have been fully considered 
but they are not persuasive. 

Applicant argues: 

"Applicant respectfully submits that Nakayama clearly fails to teach or suggest 
the dynamic generation of a first set of integrity information for an application. Because 
no first set of integrity information is created in Nakayama, Applicant respectfully 
submits that Nakayama also fails to send said first set of integrity information to a 
second processing system." (see page 3, in the middle, Applicant's 
Arguments/Remarks, emphasis added). 

Examiner maintains: 

The pending Claims 1, 3-9, 11-15, 17-20 and 22 are rejected under 35 
U.S.C. 1 03(a) as being unpatentable over Chen in view of Nakayama. 

Chen discloses the dynamic generation of a first set of integrity information for an 
application (see independent claims 1, 7, 9, 15, and 20 above). 

Applicant argues: 
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"Applicant respectfully submits that Chen fails to disclose the dynamic attestation 
of an application as argued by the Office Action at page 3." (see page 3, last paragraph, 
Applicant's Arguments/Remarks, emphasis added). 

Examiner maintains: 

Chen discloses "In step 530, the trusted device 24 receives the challenge and 
creates an appropriate response. This may be a digest of the measured integrity 
metric and the nonce, and optionally its ID label [i.e., dynamically generate a first set of 
integrity information]. Then, in step 535, the trusted device 24 signs the digest, using its 
private key, and returns the signed digest, accompanied by the certificate 350, to the 
user. 

In step 540, the user receives the challenge response and verifies the certificate 
using the well known public key of the TP. The user then, in step 550, extracts the 
trusted device's 24 public key from the certificate and uses it to decrypt the signed 
digest from the challenge response. Then, in step 560, the user verifies the nonce 
inside the challenge response. Next, in step 570. the user compares the computed 
integrity metric, which it extracts from the challenge response, with the proper 
platform integrity metric, which it extracts from the certificate , [i.e., generating an 
attestation value] If any of the foregoing verification steps fails, in steps 545, 555, 565 
or 575, the whole process ends in step 580 with no further communications taking 
place." (see column 1 0, line 66-column 1 1 , line 1 6 of Chen). 

Therefore, Chen discloses dynamic authentication or attestation. 



Conclusion 

6. Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to Joseph Pan whose telephone number is 571-272- 
5987. 
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If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Kim Vu can be reached at 571-272-3859. The fax and phone 
numbers for the organization where this application or proceeding is assigned is 703- 
872-9306. 

Any inquiry of a general nature or relating to the status of this application 
or proceeding should be directed to the receptionist whose telephone number is 571- 
272-2100. 



Joseph Pan 
July 11, 2008 
/Hosuk Song/ 

Primary Examiner, Art Unit 2135 



